示例#1
0
def test_validate_fields_with_field_of_length_23(marine_instance: Marine):
    """
    We did not allocate err_msg in parse_output_fields in marine.c properly,
    and fields of length (23 + 16*n) specifically would cause an error.
    This error was probably was caused by overriding memory that was used by the allocator.
    """
    fields = ["a" * 23]
    assert marine_instance.validate_fields(fields) == MarineFieldsValidationResult(
        False, fields
    )
示例#2
0
def test_auto_encap_on_empty_fields(marine_instance: Marine):
    assert marine_instance._detect_encap(None) == encap_consts.ENCAP_ETHERNET
示例#3
0
def test_validate_fields_errors_order(marine_instance: Marine):
    fields = ["wrong", "this too", "wtf"]
    assert marine_instance.validate_fields(fields).errors == fields
示例#4
0
def test_validate_fields_failure(marine_instance: Marine):
    result = marine_instance.validate_fields(
        ["ip.src", "this.field.is.bad", "eth.dst", "another.bad"]
    )
    assert not result
    assert set(result.errors) == {"this.field.is.bad", "another.bad"}
示例#5
0
def test_validate_fields_with_field_template(marine_instance: Marine):
    assert marine_instance.validate_fields(
        ["macro.ip.src"], {"macro.ip.src": ["ip.src", "ipv6.src"]}
    )
示例#6
0
def test_set_epan_auto_reset_count(marine_instance: Marine):
    SOME_VALUE = 1
    assert marine_instance.epan_auto_reset_count != SOME_VALUE
    marine_instance.epan_auto_reset_count = SOME_VALUE
    assert marine_instance.epan_auto_reset_count == SOME_VALUE
示例#7
0
def test_validate_fields_success(marine_instance: Marine):
    assert marine_instance.validate_fields(["ip.src", "eth.dst"])
示例#8
0
def test_validate_display_filter_success(marine_instance: Marine):
    assert marine_instance.validate_display_filter("tcp")
示例#9
0
def test_validate_display_filter_failure(marine_instance: Marine):
    res = marine_instance.validate_display_filter("illegal_filter")
    assert not res
    assert "neither a field nor a protocol" in res.error
示例#10
0
def test_parse_fields_preserves_order(marine_instance: Marine, tcp_packet: bytes):
    assert marine_instance.parse(tcp_packet, fields=["udp.srcport", "tcp.srcport"]) == {
        "udp.srcport": None,
        "tcp.srcport": "16424",
    }
示例#11
0
def test_validate_bpf_failure_on_encapsulation(marine_instance: Marine):
    bpf = "ether host 00:01:45:aa:aa:aa"
    assert marine_instance.validate_bpf(bpf, encap_consts.ENCAP_ETHERNET)
    assert not marine_instance.validate_bpf(bpf, 9)  # PPP encapsulation type
示例#12
0
def test_report_fields(marine_instance: Marine, capfd: pytest.CaptureFixture):
    marine_instance.report_fields()
    out = capfd.readouterr().out
    assert "eth.src" in out
    assert "ip.src" in out
示例#13
0
def test_auto_encap_wireless(marine_instance: Marine):
    assert (
        marine_instance._detect_encap(["ip.src", "ip.dst", "radiotap.channel"])
        == encap_consts.ENCAP_IEEE_802_11_RADIOTAP
    )
示例#14
0
def test_auto_encap_ethernet(marine_instance: Marine):
    assert (
        marine_instance._detect_encap(["ip.src", "ip.dst"])
        == encap_consts.ENCAP_ETHERNET
    )
示例#15
0
def marine_instance(marine_so_path: str, epan_auto_reset_count: int) -> Marine:
    return Marine(epan_auto_reset_count=epan_auto_reset_count)
示例#16
0
def tcp_packet_fields(marine_instance: Marine, tcp_packet: bytes):
    return marine_instance.parse_all_fields(tcp_packet)